package cn.lili.security;

import lombok.extern.slf4j.Slf4j;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.web.filter.OncePerRequestFilter;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

/**
 * @Author Sylow
 * @Description
 * @Date: Created in 16:51 2025/6/11
 */
@Slf4j
public abstract class BaseAuthenticationFilter extends OncePerRequestFilter {

    protected final AuthenticationManager authenticationManager;

    protected BaseAuthenticationFilter(AuthenticationManager authenticationManager) {
        this.authenticationManager = authenticationManager;
    }

    @Override
    protected void doFilterInternal(HttpServletRequest request,
                                    HttpServletResponse response,
                                    FilterChain chain) throws ServletException, IOException {


        if (shouldAuthenticate(request)) {
            authenticateRequest(request, response);
        }

        chain.doFilter(request, response);

    }

    // 抽象方法 - 子类实现具体认证逻辑
    protected abstract void authenticateRequest(
            HttpServletRequest request,
            HttpServletResponse response
    ) throws ServletException, IOException;

    // 抽象方法 - 决定是否需要进行认证
    protected abstract boolean shouldAuthenticate(HttpServletRequest request);

}